This article was posted to the Usenet group alt.hackers in
1995; any technical information is probably outdated.
Parent
Re: What is the... This one?
Article: 7555 of alt.hackers From: vea@alkymi.unit.no (Eivind Vea) Newsgroups: alt.hackers Subject: Re: What is the... This one? Date: 27 Mar 1995 21:20:30 GMT Organization: Norwegian Institute of Technology Lines: 27 Sender: vea@vann.alkymi.unit.no (Eivind Vea) Approved: Yep. Message-ID: 3l7a6u$lq@due.unit.no NNTP-Posting-Host: vann.alkymi.unit.no Status: RO
In article <3l4nc5$207@illuminati.io.com>, marlowe@io.com (marlowe) writes: | So, I'll bite. Does anyone know what the security hole is in finger? I | can understand not wanting to have anyone be able to finger in, but why | wouldn't the admins what me to finger out? Well, in addition to what the others already have mentioned, I know this one: ObFingerHack: If the fingerdaemon at your site supports .fingerrc-files, then you may put a script in a .fingerrc-file. This will get started by the daemon, thus running as user "nobody". It's possible to start off other processes as user "nobody", and you can for instance get yourself a nobody-shell. It really isn't a securityhole, because nobody usually doesn't have any privileges you don't have yourself. On the other hand, it could be used for faking mail etc... :-) -- ------------------------------------------------------------------------ Eivind Vea vea@alkymi.unit.no | Old blondes never fade, http://www.stud.unit.no/~vea | they just dye away ------------------------------------------------------------------------
Parent